NetBank Netcode deactivation notice
This heading is a paraphrase of the latest email phish targeting Commonwealth Bank users. The exact subject line is “Netbanking Alert – Netcode deactivation service”. The cyber criminals have stated in their email that it is a “new way for us to get in touch”. This is a psychological ploy. Sneaking in the phrase “new way” catches people off guard. People may lower their suspicions. However, the friendly tone of the email evaporates quickly. There is a problem with your Netcode. The problem must be resolved within 24 hours. If you do nothing, your online banking access will be revoked. According to the email, that is. It is all a fraud.
The full email is shown in Figure A. It’s a realistic effort. A Commonwealth Bank logo is used. The sender of the email is “Commonwealth Netbanking”. The subject line of the email is “Netbanking Alert – Netcode deactivation service”. There is one link in the email. This link uses anchor text that resembles the Commonwealth Bank URL. It’s fake though. The URL leads to a malicious site. The email signs off with “Commonwealth Netbanking”. The email issues a strident call to action by insisting that the user faces removal of online banking access. It also insists that the user must click on the link within 24 hours.
As phishing emails go, it is realistic. It is also sneaky. The idea that the Commonwealth Bank is using a new method to communicate with customers may snare victims. A thorough examination of the email does turn up signs that it is not legitimate.
The main signs are the greeting, the grammar and the link. The greeting is generic. Banks don’t use generic greetings. They will use the name in which the account is held. The grammar of the email falls apart in the second paragraph. It doesn’t recover in the final paragraph. The link is not to the Commonwealth Bank. It is to a phishing site. Phishing sites steal user details to commit fraud. Do not click on the link in this email. Delete the email immediately.